Skip to content

Instantly share code, notes, and snippets.

#include "../inc/math_const.hlsl"
#include "../inc/math.hlsl"
#include "../inc/frame_constants.hlsl"
#include "../inc/uv.hlsl"
#include "../inc/hash.hlsl"
#include "../inc/pack_unpack.hlsl"
#include "../inc/gbuffer.hlsl"
[[vk::binding(0)]] Texture2D<float4> gbuffer_tex;
[[vk::binding(1)]] Texture2D<float> half_depth_tex;
@h3r2tic
h3r2tic / raymarch.hlsl
Last active July 18, 2026 20:00
Depth buffer raymarching for contact shadows, SSGI, SSR, etc.
// Copyright (c) 2023 Tomasz Stachowiak
//
// This contribution is dual licensed under EITHER OF
//
// Apache License, Version 2.0, (http://www.apache.org/licenses/LICENSE-2.0)
// MIT license (http://opensource.org/licenses/MIT)
//
// at your option.
#include "/inc/frame_constants.hlsl"

LLM Wiki

A pattern for building personal knowledge bases using LLMs.

This is an idea file, it is designed to be copy pasted to your own LLM Agent (e.g. OpenAI Codex, Claude Code, OpenCode / Pi, or etc.). Its goal is to communicate the high level idea, but your agent will build out the specifics in collaboration with you.

The core idea

Most people's experience with LLMs and documents looks like RAG: you upload a collection of files, the LLM retrieves relevant chunks at query time, and generates an answer. This works, but the LLM is rediscovering knowledge from scratch on every question. There's no accumulation. Ask a subtle question that requires synthesizing five documents, and the LLM has to find and piece together the relevant fragments every time. Nothing is built up. NotebookLM, ChatGPT file uploads, and most RAG systems work this way.

@icesfont
icesfont / README.md
Last active July 18, 2026 19:55
SVART BOARD

Despite the session cookie being SameSite=Strict, we can still CSRF a request to set the memo to contain an XSS payload, and the corresponding session cookie will be set (as part of a response to a top-level navigation). We can also stop the cookie from being overridden by cancelling the redirect to / (via hitting the redirect limit). The remaining part of the challenge is to actually send this cookie with a navigation request.

When the headless bot navigates to a page with page.goto(), the initiator is null, which is treated as same-site with the request URL. Adjacently, when a request is made in Chromium, if the initiator site and target site agree according to this prior check, then [SameSite=Strict cookies will be sent regardless of whether the chain of redirects to the target site included a cross-site redirect or not, by default](https://source.chromium.o

@frevadiscor
frevadiscor / POC_GIST_README.md
Last active July 18, 2026 19:54
TRX CTF GeckoDRCE PoCs

GeckoDRCE PoCs

These are the PoCs referenced in the GeckoDRCE writeup.

There are three exploit implementations here. The first two share the teardown race, but use different post-race transports.

They were written for the TRX CTF web/geckodrce challenge environment:

  • the target exposes POST /visit and accepts a Firefox .xpi;
  • Firefox is launched through Selenium/geckodriver;
@parrot409
parrot409 / _writeup.md
Last active July 18, 2026 19:54
Impossible Leak - SECCON 2025 Quals

XS Leaks using disk cache grooming

The admin bot creates a new browsing context with createBrowsingContext() and uses that to create a page. Each browsing context should have a dedicated disk cache but how does chrome handle this? I deduced that it uses in-memory disk cache and it's much smaller than the default on-disk disk cache. The incognito tab of my browser has the same behavior.

The following page alerts "not cached" due to cache miss in incognito mode but no error happens in a regular tab.

$ head /dev/urandom -c 5242880 > chunk
$ cat <<EOF > index.html
@madhurimarawat
madhurimarawat / standout-dev-project-ideas-ai-ml-fullstack.md
Created February 13, 2026 06:42
A curated collection of unique, slightly crazy, and placement-worthy AI, ML, and Full Stack project ideas. Built to solve one real developer problem: running out of strong project ideas.

๐Ÿš€ Project Ideas for GitHub AI, ML and Full Stack

Contains AI, ML and Full Stack projects with links and also unique ideas without GitHub references. You can pick from here, implement them in your own way, and then add your repository link here later.

Project Illustration

So first of all, the reason behind this gist. I thought about something we all have in common as developers, the constant struggle to find project ideas. So for that, I made this gist. It contains all my ideas for some cool, slightly crazy projects.

[!IMPORTANT]

For my reference in the future I will record here the steps that I had to follow in order to install Openwrt on the tp-link router EX220. This was done using a Windows 11 machine.

Disclaimer: Use this tutorial at your own risk. We are not responsible for any damage/harms done to your device using the information from this tutorial.

Steps to install OpenWRT on EX220 router

OEM installation using the serial + TFTP method

These are the steps provided at the official https://openwrt.org/toh/tp-link/ex220_v1 page:

#Requires AutoHotkey v2.0
#SingleInstance Force
#MaxThreadsPerHotkey 1
InstallKeybdHook()
SendMode "Input"
SetKeyDelay -1, -1
SetWinDelay -1
SetControlDelay -1
DetectHiddenWindows true ; the OSD window is hidden ~always; this lets
; WinSetTransparent (and any ahk_id op) address it